<?php

namespace App\Http\Middleware;

use App\Http\Services\AdminManager;
use App\Http\Services\MerchantManager;
use App\Http\Services\UserManager;
use App\User;
use Closure;

class Role
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next,$roles)
    {
        /** @var User $adminUser */
        $adminUser = AdminManager::isLogin($request);
        if(!$adminUser)
            return response()->json(['level' => 'error','message' => '请先登录！','data' => 'no_login']);

        if(!$adminUser->hasRole('system_admin')) {
            if (!$adminUser->hasRole(explode('|', $roles)))
                return response()->json(["level" => "error", "message" => "无权限访问", "data" => "no_permission"]);
        }
        return $next($request);
    }
}
